package com.jshop.admin.shiro;

import com.jshop.admin.sys.dao.SysMenuDao;
import com.jshop.admin.sys.dao.SysUserDao;
import com.jshop.admin.sys.entity.SysMenuEntity;
import com.jshop.admin.sys.entity.SysUserEntity;
import com.jshop.admin.sys.service.SysMenuService;
import com.jshop.common.constant.AdminConstant;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Repository;

import java.util.*;

@Repository
public class AuthRealm extends AuthorizingRealm {
    @Autowired
    private SysUserDao sysUserDao;
    @Autowired
    private SysMenuDao sysMenuDao;
//    @Autowired
//    private SysMenuService sysMenuService;

    /**
     * 授权
     *
     * @param principals
     * @return
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
//        SysUserEntity user = (SysUserEntity) principals.getPrimaryPrincipal();
        List<String> permsList = new ArrayList<>();
//        if (user.getUserId() == AdminConstant.SUPER_ADMIN) {
            permsList = sysMenuDao.selectAllPerms();
//        } else {
//            permsList = sysUserDao.queryAllPerms(user.getUserId());
//        }
//       permsList =  loginService.queryAllPerms(user.getUserId());
//        //用户权限列表
//        Set<String> permsSet = new HashSet<String>();
//        if (permsList != null && permsList.size() != 0) {
//            for(String perms : permsList) {
//                if ("".equals(perms)) {
//                    continue;
//                }
//                permsSet.addAll(Arrays.asList(perms.trim().split(",")));
//            }
//        }
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        return info;
    }

    /**
     * 登陆，认证
     *
     * @param token
     * @return
     * @throws AuthenticationException
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
        String username = (String) token.getPrincipal();
        String password = new String((char[]) token.getCredentials());
        //查询用户信息
        SysUserEntity user = sysUserDao.queryByUserName(username);
        //账号不存在
        if (user == null) {
            throw new UnknownAccountException("账号或密码不正确");
        }
//        //密码错误
//        if (!password.equals(user.getPassword())) {
//            throw new IncorrectCredentialsException("账号或密码不正确");
//        }

        //账号锁定
        if (user.getStatus() == 0) {
            throw new LockedAccountException("账号已被锁定,请联系管理员");
        }
        // 把当前用户放入到session中
        Subject subject = SecurityUtils.getSubject();
        Session session = subject.getSession(true);
        session.setAttribute(AdminConstant.CURRENT_USER, user);

        List<String> permsList;
        //系统管理员，拥有最高权限
        if (AdminConstant.SUPER_ADMIN == user.getUserId()) {
            List<SysMenuEntity> menuList = sysMenuDao.queryList(new HashMap<String, Object>());
            permsList = new ArrayList<>(menuList.size());
            for(SysMenuEntity menu : menuList) {
                permsList.add(menu.getPerms());
            }
        } else {
            permsList = sysUserDao.queryAllPerms(user.getUserId());
        }

        SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(user, password, getName());
        return info;
    }
}
